Static task: static1
Behavioral task: behavioral1
Sample: mkparse.exe
Resource: win7-20231025-en
Behavioral task: behavioral2
Sample: mkparse.exe
Resource: win10v2004-20231025-en
General
Target: mkparse.exe
Size: 48KB
MD5: 48eb28305a21d35b1e7153929cb3de0b
SHA1: bd757df841eefacec18c19c6f05199d31d492e28
SHA256: d56057b133ee2912a18c7bfac5c1f83c0e74a3bcfe76410f78dd528ee694d7e2
SHA512: d52475620c778a171bae204b7bdb58c24359709e164b9a5d237f76ab3adeffb55db3515bbcaaf6c4c143c9a4f2e02cbc30cb5e67f45f15d812870324e8cafa70
SSDEEP: 768:/pY7ri0CGH+0AB9STy3X86ktPrFoXbO5Eecg9XAopR:BdJB9SEUPRoX65EecBoT
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource mkparse.exe
Files
mkparse.exe.exe windows:4 windows x86
5cf5a8dc2b14b9a9be73f480c25f9e5d
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetLastError
ExitProcess
TerminateProcess
GetCurrentProcess
GetCommandLineA
GetVersion
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapAlloc
GetModuleHandleA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
HeapFree
CloseHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
RtlUnwind
WriteFile
ReadFile
SetFilePointer
FlushFileBuffers
SetStdHandle
CreateFileA
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
SetEndOfFile
LCMapStringA
LCMapStringW
Sections
.text Size: 28KB - Virtual size: 25KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE